ISSO
Fort Meade, MD 
Share
Posted 28 days ago
Email Job 
Email Job
Job Description
Position: ISSO
Location: Fort Meade, MD
Job Id: 401
# of Openings: 1
ISSO
Ft. Meade, MD (hybrid onsite/telework)
SUMMARY:
Founded in 2001, Indigo IT is an award winning information technology consulting and services company. We are a trusted services provider to government agencies seeking innovative Cloud, Cybersecurity, Knowledge Management, and Enterprise solutions. We know our defense, federal, and civilian customers have critical IT infrastructures that must remain reliable, available, and maximized. Indigo IT is mission focused and committed to maintaining a sense of urgency in anticipating and supporting our customers' technology goals and objectives. Our unique ability to think beyond today allows our clients to stay ahead of their IT challenges. As a Veteran-Friendly employer, we are proudly partnered with the Virginia Values Veterans (V3) Program, and a recipient of the HIRE Vets Gold Medallion Award, which recognizes our commitment to recruiting our nation's Veterans. Recognized on the Inc. 5000 list of America's fastest growing companies in 2020 & 2021 and named as one of the 2022 Best Places to Work in Virginia, we are always looking to hire top talent in the field - come join us today!
This position will be responsible for providing expert level support in the implementation of the Risk Management Framework in accordance with the National Institute of Standards and Technology. This includes providing and maintaining all security assessment and authorization (SA&A) packages for completeness in an acceptable format using automated and manual inputs to ensure compliance with FISMA and other Federal and agency standards. Additionally, this position is largely focused on operational and technical security capabilities to include incident handling and analysis, entity scanning and reporting of results directly to the CISO (patch, vulnerability, real-time intrusion detection, and baseline compliance), as well as both configuration and review of intrusion detection and prevention tools as required to assess and improve the overall security posture of the organization.
ESSENTIAL FUNCTIONS/RESPONSIBILITIES:
*Experience with DOD 8510 (DIACAP and RMF), DoD 6510 and 8500 series instructions, and NIST 800 series guidance
*Experience with IAVMs, DISA STIGs, POA&Ms, and related Federal/DoD policies and regulations
*Experience working with information security practices, networks, software, and hardware
*Strong analytical and problem solving skills for resolving security issues
*Strong organizational skills to balance various workloads
*Strong interpersonal skills to interact with customers and team members
*Excellent communication skills to interact with team members and support personnel
*Ability to work in a team environment
*Self-driven and motivated
*Experience documenting and assessing RMF controls, Plan of Actions and Milestones (POA&Ms), and vulnerabilities in eMASS.
*Experience with DISA's security change request procedures.
*Experience reading and interpreting DOD STIG results from SCAP scans and self-assessment checklists via STIG Viewer.
*Experience running, reading and/or interpreting BURP scans.
*Experience reading and interpreting ACAS scan results.
*Familiarity with Cyber Command vulnerability remediation timelines
*Experience reading and interpreting Topology Drawings
*Excellent memorization skills
EDUCATION, EXPERIENCE, & CERTIFICATIONS:
  • Active Secret Clearance
  • Bachelor's degree and at least ten (10) or more years of direct experience in computer and systems security. Six (6) years of general IT experience is equivalent to a bachelor's degree.
  • At least five (5) years of experience providing direct support to Federal IT compliance initiatives including the preparation/development of annual FISMA reports, compiling responses to Federal information requests, and implementing provisions set forth by the OMB, DHS, and other Federal guidance entities.
  • Experience working in a Security Operations Center (SOC) or similar environment is highly recommended.
  • Require DOD 8570-01M IAT Level II certification (CompTIA Security +, CASP, CeH, or equivalent)
  • Preferred relevant professional certifications from recognized industry consortiums including ISC2 (CISSP), ISACA (CISA), SANS/GIAC (GMON, GCIA, GCED, GCIH, GPEN).
SPECIFIC KNOWLEDGE, SKILLS, & ABILITIES:
  • Information Certification & Accreditation Regulations, Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) guidance
  • Security Assessment and Authorization (SA&A) process in alignment with the NIST Risk Management Framework
  • Network monitoring
  • Intrusion and malware detection using host-based and network-based intrusion detection systems (IDS) and log management applications
  • Familiarity with vulnerability scanning and management using Tenable Nessus; reviewing scan reports.
  • Identifying, collecting, processing, documenting, reporting, cyber security/ incident response events
  • Architecting, engineering, developing and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications
  • Information system security, cyber security, computer forensics, vulnerability assessment and penetration testing, malware analysis, insider threat
  • Skill in conducting and analyzing the results of test events including utilizing in-depth knowledge of TCP/IP ports and protocols to provide accurate, concise, and complete results to senior leadership.
  • Skill in designing a security focused data analysis structure (i.e., the types of data your test must generate and how to analyze those data).
  • Skill in determining an appropriate level of test rigor for a given system.
  • Skill in developing operations-based testing scenarios.
  • Ability to recommend improvements to the internal processes to maximize customer service levels and improve overall security posture of the organization.
  • Excellent time management skills, with ability to juggle multiple priorities and complete tasks on time
  • Strong analytical skills with the ability to analyze data sets to determine trends, establish strategies, and make decisions about real time threats as well as identification and elimination of false positives from operational reports.
  • Outstanding interpersonal and communication skills with the ability to effectively communicate across diverse audiences.
  • Self-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finish.
Indigo IT is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. This employer uses E-Verify.
Apply for this Position

 

Read More
Job Summary
Company
Indigo IT, LLC
Start Date
As soon as possible
Employment Term and Type
Regular, Full Time
Required Education
Bachelor's Degree
Required Experience
10 years
Email this Job to Yourself or a Friend
Indicates required fields